Alex Pinto
@alexcp.bsky.social
Cybersecurity data storytelling. DBIR at Verizon Business. Previously serial founder and parallel shitposter. He/him.
2026 DBIR sneak peek:
“Water plays an increasingly significant role in [ransomware] attacks. In 2024, 100% of recorded ransomware events were attributed to threat actors that drink water”
“Water plays an increasingly significant role in [ransomware] attacks. In 2024, 100% of recorded ransomware events were attributed to threat actors that drink water”
November 3, 2025 at 5:36 PM
2026 DBIR sneak peek:
“Water plays an increasingly significant role in [ransomware] attacks. In 2024, 100% of recorded ransomware events were attributed to threat actors that drink water”
“Water plays an increasingly significant role in [ransomware] attacks. In 2024, 100% of recorded ransomware events were attributed to threat actors that drink water”
What is an “AI-enabled Ransomware”?
As ransomware attacks accelerate in speed and sophistication, 38% of security leaders rank AI-enabled ransomware as their top concern — the most frequently cited worry about AI-related security issues according to CSO’s new 2025 Security Priorities study. www.csoonline.com/article/4075...
AI-enabled ransomware attacks: CISO’s top security concern — with good reason
New surveys from CSO and CrowdStrike reveal growing fears that generative AI is accelerating ransomware attacks while defenders rush to harness the same technology to fight back.
www.csoonline.com
October 21, 2025 at 5:19 PM
What is an “AI-enabled Ransomware”?
Reposted by Alex Pinto
i'm inventing a new kind of roguelike where instead of poker, slot machines or coin flipping you play as a little guy with a sword
October 3, 2025 at 4:29 PM
i'm inventing a new kind of roguelike where instead of poker, slot machines or coin flipping you play as a little guy with a sword
Reposted by Alex Pinto
THE MEME IS REAL
September 29, 2025 at 1:38 AM
THE MEME IS REAL
Reposted by Alex Pinto
I did a long, in depth podcast with Shannon Lantzy, you can listen at https://www.shannonlantzy.com/post/from-microsoft-s-crisis-to-medical-device-revolution-the-evolution-of-threat-modeling
From Microsoft's Crisis to Medical Device Revolution: The Evolution of Threat Modeling
The year 2002 marked a turning point in cybersecurity history, though few realized it at the time. Microsoft was hemorrhaging customers due to security vulnerabilities, worms were spreading unchecked, and patching costs were mounting. In the midst of this crisis, Bill Gates penned his famous memo on "trustworthy computing," setting the stage for a fundamental transformation in how we approach software security.At the center of this transformation was Adam Shostack, a critic-turned-insider who wo
www.shannonlantzy.com
September 26, 2025 at 5:17 PM
I did a long, in depth podcast with Shannon Lantzy, you can listen at https://www.shannonlantzy.com/post/from-microsoft-s-crisis-to-medical-device-revolution-the-evolution-of-threat-modeling
Putting the whole “chat bots are bad for your psyche” thing aside, this is brilliant experiment design.
www.businessinsider.com/reddit-aita-...
www.businessinsider.com/reddit-aita-...
Am I the jerk? Redditors say yes — but ChatGPT and other bots say no.
ChatGPT and other AI bots tell posters from Reddit's "AITA" board that, actually, they're not the jerks.
www.businessinsider.com
September 16, 2025 at 8:19 PM
Putting the whole “chat bots are bad for your psyche” thing aside, this is brilliant experiment design.
www.businessinsider.com/reddit-aita-...
www.businessinsider.com/reddit-aita-...
As a Brazilian-American, my feelings about 9/11 are now very conflicted.
September 11, 2025 at 8:10 PM
As a Brazilian-American, my feelings about 9/11 are now very conflicted.
This one did make the DBIR Breach Hall Of Fame 2019. First and only breach where the threat actor was outside planet Earth.
github.com/vz-risk/VCDB...
github.com/vz-risk/VCDB...
September 11, 2025 at 2:57 PM
This one did make the DBIR Breach Hall Of Fame 2019. First and only breach where the threat actor was outside planet Earth.
github.com/vz-risk/VCDB...
github.com/vz-risk/VCDB...
Reposted by Alex Pinto
Now available on-demand.
What Gets Measured, Gets Done: A National Dashboard for Cybersecurity
www.youtube.com/watch?v=yBeV...
with lumanaries in the cyber measurement field.
#cybersecurity #cybermetrics #threatintelligence
What Gets Measured, Gets Done: A National Dashboard for Cybersecurity
www.youtube.com/watch?v=yBeV...
with lumanaries in the cyber measurement field.
#cybersecurity #cybermetrics #threatintelligence
CTA Webinar What Gets Measured, Gets Done A National Dashboard for Cybersecurity
YouTube video by Cyber Threat Alliance
www.youtube.com
September 11, 2025 at 2:43 PM
Now available on-demand.
What Gets Measured, Gets Done: A National Dashboard for Cybersecurity
www.youtube.com/watch?v=yBeV...
with lumanaries in the cyber measurement field.
#cybersecurity #cybermetrics #threatintelligence
What Gets Measured, Gets Done: A National Dashboard for Cybersecurity
www.youtube.com/watch?v=yBeV...
with lumanaries in the cyber measurement field.
#cybersecurity #cybermetrics #threatintelligence
If AI models were able to do all the things people claim they do, the foundational model companies would be raking in Trillions from the additional output and they would keep the AI itself under lock and key.
It’s like buying a “how to get rich” course off the internet.
It’s like buying a “how to get rich” course off the internet.
September 3, 2025 at 6:01 PM
If AI models were able to do all the things people claim they do, the foundational model companies would be raking in Trillions from the additional output and they would keep the AI itself under lock and key.
It’s like buying a “how to get rich” course off the internet.
It’s like buying a “how to get rich” course off the internet.
Reposted by Alex Pinto
PHENOMENAL work by @censys.bsky.social w/special shout out to one of the best cyber researchers out there (Himaja, who is smartly not on social media).
They discovered sophisticated proxy infra designed for long-term espionage operations, & most victims probably have no idea they're compromised.
They discovered sophisticated proxy infra designed for long-term espionage operations, & most victims probably have no idea they're compromised.
2025 State of the Internet: Digging into Residential Proxy Infrastructure
In-depth analysis of the PolarEdge botnet (first reported on by Sekoia in early 2025) a suspected ORB targeting edge devices since mid-2023. This blog covers infrastructure patterns, profiles current ...
censys.com
August 14, 2025 at 5:33 PM
PHENOMENAL work by @censys.bsky.social w/special shout out to one of the best cyber researchers out there (Himaja, who is smartly not on social media).
They discovered sophisticated proxy infra designed for long-term espionage operations, & most victims probably have no idea they're compromised.
They discovered sophisticated proxy infra designed for long-term espionage operations, & most victims probably have no idea they're compromised.
Are there any good write ups on the Salesforce data exfils that have been happening?
Did ShinyHunters create a mass credential dump tool just like the one we had last year with Snowflake?
Did ShinyHunters create a mass credential dump tool just like the one we had last year with Snowflake?
August 9, 2025 at 3:42 AM
Are there any good write ups on the Salesforce data exfils that have been happening?
Did ShinyHunters create a mass credential dump tool just like the one we had last year with Snowflake?
Did ShinyHunters create a mass credential dump tool just like the one we had last year with Snowflake?
It seems like berries really are the LLM model’s weakness.
August 8, 2025 at 12:29 AM
It seems like berries really are the LLM model’s weakness.
Rare glimpse of the 2026 DBIR editorial document:
“Given the prevalence of file transfer and management servers in 2023 and perimeter devices in 2024, you may ask yourself which one of those led the vulnerability exploitation vector in 2025.”
“The answer is, of course, yes.”
“Given the prevalence of file transfer and management servers in 2023 and perimeter devices in 2024, you may ask yourself which one of those led the vulnerability exploitation vector in 2025.”
“The answer is, of course, yes.”
August 7, 2025 at 1:26 AM
Rare glimpse of the 2026 DBIR editorial document:
“Given the prevalence of file transfer and management servers in 2023 and perimeter devices in 2024, you may ask yourself which one of those led the vulnerability exploitation vector in 2025.”
“The answer is, of course, yes.”
“Given the prevalence of file transfer and management servers in 2023 and perimeter devices in 2024, you may ask yourself which one of those led the vulnerability exploitation vector in 2025.”
“The answer is, of course, yes.”
Oh no! Terrible week for it.
CISA & Microsoft just announced another serious Microsoft Exchange vulnerability. www.cisa.gov/news-events/... techcommunity.microsoft.com/blog/exchang...
Attackers with admin access to on-prem server could escalate privileges & compromise cloud service.
MSFT says no exploitation observed yet.
Attackers with admin access to on-prem server could escalate privileges & compromise cloud service.
MSFT says no exploitation observed yet.
August 7, 2025 at 1:19 AM
Oh no! Terrible week for it.
Trump subiu no telhado.
(For all the PT-BR idiom enjoyers out there)
(For all the PT-BR idiom enjoyers out there)
August 5, 2025 at 3:32 PM
Trump subiu no telhado.
(For all the PT-BR idiom enjoyers out there)
(For all the PT-BR idiom enjoyers out there)
Reposted by Alex Pinto
I laughed so hard I thought I was going to cough up an organ. Every line is gold.
In the Future All Food Will Be Cooked in a Microwave, and if You Can’t Deal With That Then You Need to Get Out of the Kitchen
As a restaurant owner – I’m astounded at the rate of progress since microwaves were released a few short years ago. Today’s microwave can cook a frozen burrito. Tomorrow’s m…
www.colincornaby.me
August 4, 2025 at 11:06 PM
I laughed so hard I thought I was going to cough up an organ. Every line is gold.
Reposted by Alex Pinto
• What these signals might reveal about attacker workflows
• How defenders can use this information to act early
Read the full research report here:
www.greynoise.io/resources/ea...
Always happy to discuss or answer questions about the data — just drop a line at research@greynoise.io.
• How defenders can use this information to act early
Read the full research report here:
www.greynoise.io/resources/ea...
Always happy to discuss or answer questions about the data — just drop a line at research@greynoise.io.
Early Warning Signals: When Attacker Behavior Precedes New Vulnerabilities
GreyNoise’s new research reveals a recurring pattern: spikes in malicious activity often precede the disclosure of new CVEs — especially in enterprise edge technologies like VPNs and firewalls.
www.greynoise.io
July 31, 2025 at 1:17 PM
• What these signals might reveal about attacker workflows
• How defenders can use this information to act early
Read the full research report here:
www.greynoise.io/resources/ea...
Always happy to discuss or answer questions about the data — just drop a line at research@greynoise.io.
• How defenders can use this information to act early
Read the full research report here:
www.greynoise.io/resources/ea...
Always happy to discuss or answer questions about the data — just drop a line at research@greynoise.io.
Reposted by Alex Pinto
Three high-profile former CISA employees have joined @istorg.bsky.social to keep working on Secure by Design and figure out a stable future for the CVE program. www.politico.com/newsletters/...
July 28, 2025 at 3:00 PM
Three high-profile former CISA employees have joined @istorg.bsky.social to keep working on Secure by Design and figure out a stable future for the CVE program. www.politico.com/newsletters/...
Saving this to read tomorrow.
Hi, #EconSky! I’m Anderson, a 6th year PhD candidate at the University of Virginia. For those going to ASSA this week, I’ll be presenting my job market paper, The Effects of Privacy Regulation on the Supply of Stolen Data, during the CSMGEP session tomorrow at 8AM. Here’s a short thread about it
June 16, 2025 at 1:10 AM
Saving this to read tomorrow.
Reposted by Alex Pinto
I’m partial to “Habsburg models” to describe this model - en.m.wikipedia.org/wiki/House_o...
June 5, 2025 at 3:52 PM
I’m partial to “Habsburg models” to describe this model - en.m.wikipedia.org/wiki/House_o...
Reposted by Alex Pinto
New episode of DISCARDED featuring the great @alexcp.bsky.social discussing the 2025 Verizon DBIR! Join us for hot takes, insights into the current threat landscape, interesting findings about vulnerability exploitation and third-party risk, and so much more.
podcasts.apple.com/us/podcast/d...
podcasts.apple.com/us/podcast/d...
DISCARDED: Tales From the Threat Research Trenches
Technology Podcast · Updated Biweekly · DISCARDED: Tales from the Threat Research Trenches is a podcast for security practitioners, intelligence analysts, and threat hunters looking to learn more abou...
podcasts.apple.com
June 4, 2025 at 9:17 PM
New episode of DISCARDED featuring the great @alexcp.bsky.social discussing the 2025 Verizon DBIR! Join us for hot takes, insights into the current threat landscape, interesting findings about vulnerability exploitation and third-party risk, and so much more.
podcasts.apple.com/us/podcast/d...
podcasts.apple.com/us/podcast/d...
Dan is a brilliant writer. This summarizes my feelings about Generative AI in general, and the next time someone asks me if I will be using Generative AI in my work, I’ll just send them this link.
We're living through the Who Cares Era, where completely disposable things are shoddily produced for people to mostly ignore, while the government stomps its uncaring boot on our necks. But there's an easy way to fight back: Care.
I wrote about it: dansinker.com/posts/2025-0...
I wrote about it: dansinker.com/posts/2025-0...
May 24, 2025 at 3:27 AM
Dan is a brilliant writer. This summarizes my feelings about Generative AI in general, and the next time someone asks me if I will be using Generative AI in my work, I’ll just send them this link.